Wireguard config

hi, i have stumbled about with openwrt for many years and for the most part i have managed to get everything working. I have setup Wireguard on my home network and wanted it to only work on ethernet 2 & 3 leaving ethernet 1 free from vpn and wireguard. i have wireguard up and running but when i remove it from eth1 it stops the connectivity of that connection. can someone help me understand this?

You will need to use policy based routing for this…

1 Like

thanks for the reply. so is this something i would have to add to software opkg and add this option in the interface?

luci-app-vpn-policy-routing??

Better luci-app-pbr

2 Likes

Did you update the package lists first?

yes. nothing shows as available

vpn-policy-routing

It is a third party repository.

2 Likes

this bypasses the vpn not able to configure the lan on its own. once active it applies to all interfaces

1 Like

hi if i want use luci-app-pbr i should be this command is right ?

type or paste code here
```opkg update
if ubus -S call system board | grep -q '15.05'; then
  opkg install ca-certificates wget libopenssl
elif ubus -S call system board | grep -q '19.07'; then
  opkg install uclient-fetch libustream-mbedtls ca-bundle ca-certificates
else
  opkg install wget-ssl
fi
echo -e -n 'untrusted comment: OpenWrt usign key of Stan Grishin\nRWR//HUXxMwMVnx7fESOKO7x8XoW4/dRidJPjt91hAAU2L59mYvHy0Fa\n' > /etc/opkg/keys/7ffc7517c4cc0c56
sed -i '/stangri_repo/d' /etc/opkg/customfeeds.conf
echo 'src/gz stangri_repo https://repo.openwrt.melmac.net' >> /etc/opkg/customfeeds.conf
opkg update
1 Like

You can match specific source IPs if you don't want to divert all the packets coming in from one interface.

There is a PR to merge.

2 Likes

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.